On Fri, Sep 17, 1999 at 06:10:35PM -0700, Jacob Joseph wrote:
> I'm on kernel 2.2, so I'm using ipchains, not a firewall persay.
AFAIK, ipchains is the replacement for ipfwadm which is used to build a
packet level firewall, ergo, you are using a firewall.
I assume you have an ipchains command to masquerade connections from
your local network to the Internet.
> > On Thu, Sep 16, 1999 at 08:03:57PM -0700, Jacob Joseph wrote:
> > > Hi. I've got a question about ftping from a masqueraded windows
> machine. When my machine uses the PORT command, it uses 192.168.0.2 as the
> address. It will still work, but some servers will only accept the client
> address, which is, of course, the linux box. How can I have masquerade
> change PORT to reflect it's address? I do have "/sbin/insmod ip_masq_ftp"
> in my rc.local.
As I mentioned before, the ip_masq_ftp module masquerades both the ip
address and the port. If it did not, the server would receive a port
command for an IP address in the private range (in this specific case)
which would be unreachable from the server. All external servers actually see
the IP address of the linux box, not the IP address of the windows client.
Certainly, an FTP server may balk while conversing with a windows
client, but I doubt it would be for that reason. The next time this
occurs, run you ftp client in verbose mode, if possible, to see what the
problem may be. Also, try connecting to the same server from other
masqueraded machines and other ftp client programs.
If the ftp_masq_ftp module is really sending the client's private range
IP address to the server, it is a bug and should be reported to the
maintainer.
--
Gyepi Sam --+-- Designer/Programmer --+-- Network/System Administrator
[EMAIL PROTECTED] --+-- http://www.praxis-sw.com/gyepi
It was a book to kill time for those who liked it better dead.
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
